dataset/seed/vector/templates/vector.toml
2023-08-29 10:37:29 +02:00

115 lines
2.9 KiB
TOML

# __ __ __
# \ \ / / / /
# \ V / / /
# \_/ \/
#
# V E C T O R
# Configuration
#
# ------------------------------------------------------------------------------
# Website: https://vector.dev
# Docs: https://vector.dev/docs
# Chat: https://chat.vector.dev
# ------------------------------------------------------------------------------
# Change this to use a non-default directory for Vector data storage:
# data_dir = "/var/lib/vector"
#>GNUNUX
data_dir = "/srv/vector"
#<GNUNUX
# Random Syslog-formatted logs
#>GNUNUX
#[sources.dummy_logs]
#type = "demo_logs"
#format = "syslog"
#interval = 1
{% if general.vector.client_addresses %}
#from journal
[sources.vector_client]
type = "vector"
{% for address in general.vector.listen_addresses %}
address = "{{ address }}:8686"
{% endfor %}
{% endif %}
[sources.remote_journal]
type = "journald"
#journal_directory = "/var/log/journal/remote/"
journalctl_path = "/usr/local/lib/sbin/vector_journalctl"
current_boot_only = false
#<GNUNUX
# Parse Syslog logs
# See the Vector Remap Language reference for more info: https://vrl.dev
#>GNUNUX
#[transforms.parse_logs]
#type = "remap"
#inputs = ["dummy_logs"]
#source = '''
#. = parse_syslog!(string!(.message))
#'''
[transforms.filter_logs]
type = "filter"
{% if general.vector.client_addresses %}
inputs = ["vector_client", "remote_journal"]
{% else %}
inputs = ["remote_journal"]
{% endif %}
condition = '{{ accounts.vector_conditions }}'
[transforms.parse_logs]
type = "remap"
inputs = ["filter_logs"]
# "syslog_identifier": .SYSLOG_IDENTIFIER,
source = '''
if is_null(.SYSLOG_IDENTIFIER) {
.SYSLOG_IDENTIFIER = ._SYSTEMD_UNIT
}
. = {
"message" : .message,
"timestamp": .timestamp,
"hostname" : .host,
"priority": .PRIORITY,
"identifier": .SYSLOG_IDENTIFIER,
"uid": ._UID,
"gid": ._GID,
"pid": ._PID,
"severity": to_syslog_level(to_int(.PRIORITY) ?? 0) ?? ""
}
'''
#<GNUNUX
# Print parsed logs to stdout
#>GNUNUX
#[sinks.print]
#type = "console"
#inputs = ["parse_logs"]
#encoding.codec = "json"
#[sinks.file_text_output]
#type = "file"
#inputs = ["parse_logs"]
#encoding.codec = "json"
#{% raw %}path = "/srv/vector/logs/by-host/{{ hostname }}/%Y-%m-%d.log"{% endraw %}
[sinks.loki_output]
type = "loki"
inputs = ["parse_logs"]
endpoint = "http://{{ general.loki.server_domainname }}:3100"
encoding.codec = "json"
{%- raw %}
labels = {app="{{ identifier }}", host=" {{ hostname }}", severity="{{ severity }}"}
{% endraw -%}
#<GNUNUX
# Vector's GraphQL API (disabled by default)
# Uncomment to try it out with the `vector top` command or
# in your browser at http://localhost:8686
#[api]
#enabled = true
#address = "127.0.0.1:8686"
#>GNUNUX
[api]
enabled = true
address = "127.0.0.1:8686"
#<GNUNUX